St.LukesHealth sees clearly with Varonis

Private health insurance provider knows if an unauthorised user tries to access its sensitive information.

  • 10 years ago Posted in

Varonis has revealed details of its work with St.LukesHealth. The Tasmania based private health insurance provider is using Varonis DatAdvantage to provide clear visibility across all its IT infrastructure, gaining a better understanding of who can and is accessing data and reduce risk by tightening its security controls. It is utilising the Varonis IDU Classification Framework to find, and lock down, specific data – such as credit card details — wherever it resides within the insurer’s file shares. The final element, Varonis DatAlert delivers real-time alerts on events that warrant immediate scrutiny and potential action. This combination has enabled St.LukesHealth to improve the security of its sensitive data and directories, reduce risks, plus address many of its PCI obligations.


Unlike many other classification solutions that tell you where sensitive data resides, Varonis DatAdvantage also shows where that data is overexposed, who can access it, and who is accessing it. This means St.LukesHealth can comply with PCI guidance in a timely manner by automatically locating and locking down PCI-related data without interrupting the business. Shaw Reid, CIO for St.LukesHealth explains, “We specifically wanted to test DatAdvantage with regards to our PCI compliance requirements. It came up with some very good results. We could see financial files being opened, modified and moved, while capturing who did it.”


Using the bi-directional permissions visibility feature in DatAdvantage, St.LukesHealth can quickly profile the access of the organization’s employees. Shaw adds, “We can now profile staff, identify their security privileges on the network and, once we get enough information on an individual and their work patterns, we can then talk to their management about any permissions that they have that they’re not using for a specific amount of time. This means I can start securing areas by asking, ‘Do you really need this? Is this the right place to store this data? Do we need to put it somewhere else? etc.”


St.LukesHealth has been able to focus efforts to secure its finance systems as Varonis DatAlert issues real-time warnings on any changes to important configuration files, access to sensitive data, access denied events and more. Shaw concludes, “Whenever anyone not working in the finance department attempts to gain entry, we know about it. That is worth the investment right there. Not only is DatAdvantage helping with our system administration processes, but it’s now integral to many of our security practices.”
 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...